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REMARKS 

In response to the final Official Action of September 17, 2008, independent claims 
1, 9, 25, and 27 have been amended to particularly point out and distinctly claim the 
invention and to make clear the arguments previously recited for distinguishing the 
present invention over the cited art. It is respectfully submitted that the claim amendment 
does not raise new issues and therefore should be entered. 

Claim Rejections - 35 USC §103 

At pages 4-15, claims 1, 3, 4, 6, 8, 9, 11, 12, 14, 17, 18, 19-23, 25, and 27 are 
rejected under 35 USC §1 03(a) as being unpatentable over US patent application 
publication 2002/0147920, Mauro, in view of US patent application publication 
2002/0150243, Craft, et al (hereinafter Craft), further in view of US patent 6,978,022, 
Okimoto, et al (hereinafter Okimoto). 

With respect to claim 1, the Office asserts that Mauro discloses a method for 
managing cryptographic keys that are specific to a personal device, including the actions 
of retrieving in a secure processing point separated from and arranged in communication 
with the personal device, a unique chip identifier from a read-only storage of an integrated 
circuit chip included in the personal device, the secure processing point storing a data 
package in the personal device, the data package including at least one cryptographic 
key and storing sensitive data in a tamper-resistant secret storage [of chip] an integrated 
circuit chip included in the personal device. 

The Office further asserts that Mauro does not disclose receiving at the secure 
processing point, in response to storing the data package, associating the unique chip 
identifier with the received backup data package from the personal device, and storing the 
backup data package in the associated unique chip identifier, but that Craft discloses 
receiving at the secure processing point, in response to storing the data package, a 
backup data package from the personal device, which backup data package is the data 



10 



Attorney Docket No. 915-008.013 
Application Serial No. 10/696,495 



package encrypted with unique secret chip keys stored in a tamper-resistant secret 
storage of chip, associating the unique chip identifier with the received backup data 
package; and storing the backup data package in the associated unique chip identifier in 
a permanent public database separated from the personal device. 

Okimoto is cited for teaching the feature of the secure processing point being 
separated from the personal device. The Office asserts that the combination of the three 
references would be obvious to the person of ordinary skill in the art at the time the 
invention was made, because it would securely deliver encrypted content on demand with 
access control. 

The Present Invention 

As set forth in the present application, there is a need for personal devices to 
include one or more device specific cryptographic keys where the number and types of 
these keys are dependent on the different applications included in the device, which 
applications will differ between different users and their respective usage of the device. 
Furthermore, it is noted that it is difficult to perceive these numbers and types of keys that 
should be included in the device and therefore it is necessary to be able to store a variety 
of keys in a storage area of the device when initializing the device. Typically, most of 
these keys will be stored in some non-robust memory; that is, any memory in which 
information can be written and with the potential risk of losing any such information due to 
failure of the mechanism used for maintaining the information and the memory. As a 
consequence, in the case of a failure of the device that results in loss of the original 
stored keys, it is desired to be able to restore these keys in a device and, in particular, 
when transferring any secret keys or private keys for re-storage in the device, it is typically 
required to maintain secrecy and integrity of the transferred keys (specification, page 2, 
line 17 through page 3, line 2). 
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Thus, an object of the invention is to provide a method and system for managing, 
with reduced overhead, cryptographic keys that are specific to a personal device. It is 
noted that in an embodiment of the invention, a data package, including one or more 
cryptographic keys is assembled and loaded in a personal device from a secure 
processing point of a device assembly line in order to store device-specific cryptographic 
keys in the personal device. In response to the transfer data package, a back-up data 
package is received by the secure processing point from the personal device, which 
backup data package is the data package sent to the device, but encrypted with a unique 
secret key stored in a tamper-resistant secret storage of a chip included in the personal 
device. The secure processing point retrieves a unique chip identifier from the chip in the 
device and associates the unique chip identifier with the backup data package, after 
which the backup data package together with the associated unique chip identifier is 
stored in a permanent, global, public database (specification, page 4, lines 10-25). 

By so doing, neither the device manufacturer nor any device administrator needs 
to maintain a secret database storing keys for decrypting backup data packages since the 
backup data package can be decrypted by the device using the non-distributed unique 
secret chip key stored in the device if, for some reason, the data package sent to the 
device from the secure processing point is later lost or rendered inoperative (specification, 
page 5, lines 14 through page 6, line 3). 

It is to this overall methodology that claim 1 is directed. 

The Art Rejection 

The Office asserts that Mauro teaches the action of retrieving in a secure 
processing point separated from and arranged in communication with the personal 
device, a unique chip identifier from a read-only storage of an integrated circuit chip 
included in the personal device (citing paragraph [0038] of Mauro). 
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Initially, it should be noted that Mauro is directed to techniques for providing secure 
processing and data storage for a wireless communication device, wherein a remote 
terminal includes a data processing unit, a main processor, and a secure unit. The data 
processing unit processes data for communication over a wireless link. The main 
processor provides control for the remote terminal and the secure unit includes a secure 
processor that performs the secure processing for the remote terminal and a memory that 
provides secure storage of data. The secure processor may include embedded read-only 
memory (ROM) that stores program instructions and parameters used for secure 
processing (Mauro, Abstract). 

The referenced paragraph [0038] in Mauro describes Figure 3, where Figure 3 is a 
diagram of a specific embodiment of secure unit 240 of remote terminal 110 (see Figure 
1). Therefore, ROM 252 is implemented within secure processor 250 where the secure 
processor 250 is operated without dependency on other external elements (Mauro 
paragraph [0038]). This is at variance to the requirement of the action recited in claiml of 
retrieving in a secure processing point separated from and arranged in communication 
with the personal device. Consequently, ROM 252 of secure processor 250 is eart of the 
personal device, contrary to what is specifically recited in claim 1 . 

The Office further recites that the second action in claim 1; namely, the secure 
processing point storing a data package in the personal device, the data package 
including at least one cryptographic key, is taught by Mauro at paragraph [0034], lines 1- 
7; namely, a secure unit 240 to perform all secure processing and store all "sensitive" 
data by various cryptographic technique. Paragraph [0034] of Mauro discusses secure 
processing and data storage within secure unit 240 of remote terminal 110 and thus it is 
not equivalent to the secure processing point as set forth in claim 1 which assembles a 
data package and loads the data package in the personal device for storage therein, 
where the secure processing point is separated from and arranged in communication with 
the personal device. Claim 1 has been amended to particularly point out and claim that 
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the secure processing point assembles the data package and loads the data package in 
the personal device for storage therein. Support for this amendment is found in the 
original application as filed, including Figure 1 and in the specification, including page 11, 
line 34 through page 12, line 7. It is respectfully submitted that this amendment to claim 1 
does not raise any issue which would require further examination. Thus, this aspect of 
claim 1 is also not taught by Mauro. 

Furthermore, it should be emphasized that Mauro has nothing to do with managing 
cryptographic keys that are specific to a personal device, but rather is directed to 
techniques for providing secure processing and data storage for a wireless 
communication device. Mauro has nothing to do with storing a backup data package 
which the personal device has received from the separated secure processing point, 
wherein the backup data package and an associated unique chip identifier is encrypted 
with a unique secret key stored in a tamper-resistant secret storage of an integrated 
circuit chip included in the personal device and further wherein the backup data package 
and associated unique chip identifier is maintained in a permanent public database 
separated from the personal device . 

The Office further relies upon Craft for showing the next action of claim 1; namely, 
receiving at the secure processing point, and response to storing the data package, a 
backup data package from the personal device, which backup data package is the data 
package encrypted with a unique secret chip key stored in a tamper-resistant storage of 
the chip, citing Craft, including paragraphs [0019] and [0021]. 

Initially, it should be noted that Craft is directed to a secure communication 
methodology, wherein a client device is configured to download application code and/or 
content data from a server operated by a service provider. Embedded within the client is 
a client private key, a client serial number, and a copy of a server public key. The client 
forms a request, which includes the client serial number, encrypts the request with the 
server public key, and sends the download request to the server. The server decrypts the 
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request with the server's private key and authenticates the client. The received client 
serial number is used to search for a client public key that corresponds to the embedded 
client private key, whereby the server encrypts its response, which includes the requested 
information, with the client public key of the requesting client so that only the private key 
of the requesting client can decrypt the information downloaded from the server (Craft, 
Abstract). 

Thus, the whole methodology of Craft is to allow a client device to request and 
receive information from a server in a reliable fashion. Paragraphs [0019] and [0021] of 
Craft in reference to Figures 2 and 4 discuss a flow chart by which a server receives an 
encrypted (with the server public key) client request message, decrypts the encrypted 
client request message with the server private key, retrieves the client serial number from 
the decrypted client request message, searches for the client public key associatively 
stored with the client serial number, retrieves the client public key, retrieves encrypted 
client authentication data from the decrypted client request message, decrypts encrypted 
client authentication data and verifies decrypted client authentication data all being 
performed by the server. 

It is not seen how these actions of the server correspond to receiving a backup 
data package from the personal device, which backup data package is the data package 
encrypted with a unique secret key stored in a tamper-resistant secret storage of the chip. 
Rather, it shows that server can receive an encrypted message from the client, wherein 
the encrypted message contains the necessary client serial number and such that it is 
encrypted with the server's public key thereby allowing the server to decrypt the message 
with the server's private key so as to authenticate the client. There is no teaching or 
suggestion of receiving a backup data package corresponding to the data package sent 
to the personal device from the secure processing point (server). 

The Office in the Response to Arguments section states that Craft teaches 
receiving a backup data package corresponding to the data package sent to the personal 
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device from the secure processing point, citing Craft, Figure 2 and paragraphs [0019] and 
[0021]. The recited paragraphs in Craft merely describe Figures 2 and 4 respectively, 
where Figure 4 is a flow chart depicting a process by which a server system with 
knowledge of the required server private key receives and authenticates a request for 
encrypted application code and/or encrypted content data from a client. It is not seen in 
Craft where such retrieval of encrypted client authentication data (or any other step 
shown in Figure 4) teaches a secure processing point receiving in response to 
assembling and loading a data package in the personal device for storage therein, a 
backup data package from that personal device which backup data package is the data 
package encrypted with a unique secret chip key stored in a tamper-resistant secret 
storage of an integrated circuit chip included in the personal device. 

The Office further relies on paragraphs [0041] and [0043] of Craft for asserting that 
Craft teaches associating the unique chip identifier with the received backup data 
package and storing the backup data package and the associated unique chip identifier in 
a permanent public database. What paragraphs [0041] and [0043] of Craft are directed 
to is that the client CPU chip is a special-purpose client-system processor chip which has 
a cryptographic unit that has been manufactured to contain programmable memory 
storage. Prior to releasing the CPU chip, the manufacturer permanently embeds a client 
serial number, the assigned client private key, and the server public key in the CPU chip. 

As shown in Figure 2, the client CPU chip contains a cryptographic unit which 
includes the client serial number 216, the client private key 218, and the server public key 
220. Even if as argued by the Office, the client serial number 216 in Craft is equivalent to 
a unique chip identifier and a server's client public key data store 222 is equivalent to a 
permanent public database, there is still no showing in Craft of the server 208 receiving a 
backup data package from the personal device, wherein the backup data package is the 
data package received by the personal device from the secure processing point, but 
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encrypted with a unique secret chip key stored in a tamper-resistant secret storage of the 
integrated circuit chip included in the personal device. 

Rather, Craft merely discloses that the client serial number is used to form a 
request to the server, the request encrypted with the server's public key for purposes of 
server authentication of the client. There is absolutely no disclosure in Craft of receiving a 
backup data package encrypted with a unique secret chip key stored in a tamper-resistant 
secret storage of an integrated circuit chip included in the personal device. Furthermore, 
the fact that paragraph [0043] of Craft discloses that the manufacturer of the client CPU 
chip may then destroy any existing copies of the client private key 218 while the client 
serial number 216 and the client public key corresponding to the client private key 218 are 
associatively retained for subsequent use and deployment such as by storing them within 
the server's client public key data store 22, at best is for purposes of retrieving the client 
serial number and the client public key corresponding to a client private key, but is not for 
purposes of allowing the personal device to retrieve a data package which was previously 
sent to it by a secure processing point in case the data previously received becomes 
damaged or destroyed for some reason. 

It is therefore not seen how paragraphs [0041] and [0043] of Craft disclose these 
particular actions recited in claim 1 . 

Further in the Response to Arguments section, the Office states per item (C) that 
the obviousness rejection is not based upon improper hindsight reasoning as long as it 
takes into account only knowledge which was within the level of ordinary skill at the time 
that the claimed invention was made, and does not include knowledge gleaned only from 
the applicant's disclosure. 

In the present final Official Action, the Office asserts that it would have been 
obvious to the person of ordinary skill in the art at the time the invention was made to 
combine the method of Mauro by including other features, such as receiving in response 
to storing the data package, associating the unique chip identifier with the received 
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backup data package, and storing the backup data package with the associated unique 
chip identifier of Craft, because it would ensure security of the communication between 
client devices and servers (citing Craft, paragraph [0013], lines 1-4). Lines 1-4 of 
paragraph [0013] merely state that given the type of computational environment to which 
Craft is directed (method and system for controlled distribution of application code and 
content data within a computer network) there is an important need to maintain control 
over down-loaded application code and content and to ensure security of the 
communications between client devices and servers. Such is not the same as the intent 
of the present invention which is to provide a method and system for managing with 
reduced overhead, cryptographic keys that are specific to a personal device (see "The 
Present Invention" section, above). 

Consequently, it is respectfully submitted that a person of ordinary skill in the art 
would not combine Mauro and Craft in the manner as suggested by the Office. 

Finally, the Office relies upon Okimoto and, in particular, column 3, line 67 through 
column 4, line 1, as well as column 5, lines 52-53, for disclosing that a secure processing 
point is separated from a personal device. 

Okimoto is an encryption renewal system and for registration and remote activation 
of an encryption device specifically associated with a system for securely delivering 
encrypted content on demand with access control, such as associated with cable systems 
and the like. It is disclosed in Okimoto that content is encrypted once at a centralized 
facility and is usable at different point-to-point systems through use of an encryption 
renewal system (ERS) for performing entitlement control messages (ECM) retrofitting to 
keep pre-encrypted contents usable (Okimoto, page 3, lines 26-28). 

With respect to the encryption renewal service, it is disclosed that the renewal 
service is separated into two or more computing platforms to protect the data and that the 
second platform is physically separated to handle secure processing. The fact that an 
encryption renewal system uses two or more computing platforms in no way is suggestive 
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of a secure processing point separated from and arranged in communication with a 
personal device so as to store a data package in the personal device, as well as to 
receive a backup data package from the personal device encrypted using a secret chip 
key stored in a tamper-resistant secret storage of an integrated circuit chip included in the 
personal device. 

For all of the foregoing reasons, it is respectfully submitted that amended claim 1 is 
not suggested by a combination of Mauro and Craft further in view of Okimoto. 

For similar reasons as those presented above with respect to amended claim 1 , it 
is respectfully submitted that independent system claim 9, independent personal device 
claim 18, independent secure processing point claim 25 and independent device claim 27 
are also not anticipated by Mauro in view of Craft in view of Okimoto since each of these 
claims recite features corresponding to those recited above with respect to claim 1. 

Furthermore, dependent claims 3, 4, 6, 8, 11, 12, 14, and 19-23 are also further 
distinguished over Mauro in view of Craft further in view of Okimoto at least in view of 
their dependency from independent claims which are distinguished over the cited art. 

At page 16, claims 2, 5, 8, 10, 13, 16, 24, and 26 are rejected under 35 USC 
§1 03(a) as unpatentable over Mauro in view of Craft further in view of Okimoto further in 
view of US patent application publication 2002/0157002, Messerges, et al. Each of these 
claims is dependent upon an independent claim which is believed to be distinguished 
over the cited art and therefore each of these claims is believed to be further 
distinguished over the cited art at least in view of such dependency. 

It is therefore respectfully requested that the Office reconsider the rejection of the 
claims based upon the arguments contained herein and the amendment to independent 
claims 1, 9, 25, and 27 which particularly point out and distinctly claim the assembly and 
loading of the data package by the secure processing point. 

It is therefore respectfully submitted that the present application is in condition for 
allowance and reconsideration of the rejection of the claims is earnestly solicited. 
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The undersigned respectfully submits that no fee is due for filing this Amendment 
After Final. The Commissioner is hereby authorized to charge to deposit account 23- 
0442 any fee deficiency required to submit this paper. 



Dated: November 17. 2008 



Bradford Green, Building Five 
755 Main Street, P.O. Box 224 
Monroe, CT 06468 
Telephone: (203)261-1234 
Facsimile: (203)261-5676 
USPTO Customer No. 004955 
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